Add a flag that defaults to on allowing the control of delete states from external callers such as pfCenter
Run on CD-ROM, too, it should be writable after rc.cdrom
Sync password database right after mount, in case it is corrupt. (Except on CD-ROM platform).
Revert "Already doing this no need to duplicate" <- no, we aren't 100% duplicating this. This commit breaks fully reconfiguring assigned gif interfaces.
This reverts commit 87f0f42c3230ad7ad15b14a8a9d63c58f8b2e379.
Switch back to the default gateway configured when possible when gateway switching is active
Correct check for the gif mtu during an interface readdition to bridge.
Only apply remote_network setting for p2p modes, since it is not valid for remote access modes. Fixes #1707
Revert wrong fix of Bug #1711.
Correctly restart the SSL lighty instance when running.
Remove 'maxproc' since its unused in the code and correctly use maxprocperip to allow the GUI setting to be actually usable. Reported-by: http://forum.pfsense.org/index.php/topic,39155.0.html
Bug #1711. Acct-x-Octets are always 0 in Captive Portal -> Radius acct messages.
Correct the check for mtu 1500 to inlcude it. Also add the check on bridge_add_member function
Fix php behaviour on xmlrpc sync and vouchers starting with a number. Apparently php uses that to deduce the type of var and gets confused.
Extend this script to also add an ipv6 rule.
removes variables concatenation on gettext strings
makes correct use of printf and gettext
removes variables names and replace it with '%s'
Redirect errors to file
Ticket #1552. Do not allow route-to to be set on block/reject rules for now. The issue is in the kernel but for 2.0 this protection is enough.
Ticket #1193. Do not show default queue checkbox when another queue has it selected.
fix correct name
Correct ts filename
Ticket #1052. Enforce certificates if they are present for authenticating to ldap. Allow to select a CA under ldap type authentication backend to be used for this.
Fix missing " in gettext line
Already doing this no need to duplicate
Revert "Only load modules once"
This reverts commit 00b9730d6fe20272a40e707b709e677a847b7863.
Only load modules once
CRL fixes for empty CRLs (so they don't kill OpenVPN)
Adding ioncube_loader
Correct version in /etc/version to say what it is rather than the wrong thing from the merge.
Remove extra "/"
Fix merge conflict
Merge pull request #5 from smos/master
Welcome IPv6!
fix missing "
Allow a ZMQ syslog address
Merge remote-tracking branch 'upstream/master'
Conflicts: etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/interfaces.inc etc/inc/services.inc etc/inc/xmlrpc_client.inc usr/local/www/fbegin.inc usr/local/www/services_dhcp.php
Create dynamodules in the order they where touched
Do a more strict check on this to avoid warnings
Allow DHCP mappings to be resolved first for reverse lookups.
This was affecting a kerberos installation where the first DNS alias wasgiven for the PTR instead of the static DHCP mapping name, breaking thekerberos tokens.
Enable the pfsync checking unconditionally
Actually give pfsync time to catch up.
If the sync has not finished do not start carp yet
Fix gettext
Merge remote-tracking branch 'mainline/master' into inc
Fixes #1666. For OpenVPN interfaces always check if part of bridge or not.
fix text
Ticket #1564. Give +x to the script so it can be executed. Simple hah :)
Merge remote branch 'upstream/master'
$g needs to be a global. Resolves #1654
Actually do pass an argument for second -b to avoid matching more tha supposed too.
Ticket #1646. Put netmasks of /32 to the parameters of pfctl -b to avoid that ocassions it matches more than it should.
Feature #1603. Correct nested urltable alias code to be more fullproof to errors and does not break the ruleset on large lists of urltables. Though this needs a revisit to work properly since it breaks urltable alias property of reloading contents.
Add function to return a certificate's common name.
Conflicts: etc/version
Implement gettext
Conflicts: etc/inc/priv.defs.inc
Add issing include to avoid PHP fatal error when calling enable_rrd_graphing()
Add checks for miniupnpd to avoid php errors.
Make it HEAD since we already have builder code using this
Version bump master branch to MASTER
Oops use ;
Show errors.
If vouchers are disabled do not allow users to authenticate thorugh existing(active/in use) vouchers. Reported-by: http://forum.pfsense.org/index.php/topic,38342.0.html
Launch running script as well
Don't check OpenVPN ports in use against disabled clients or servers
Add rc.local.running if rc.local is running so it can reattach after a console logout
Fix copy and pasto
Launch rc.local into &
Feature#1603. URL table aliases should be usable within network type aliases.
Remove $id. Bump (C) date
If rc.local exists launch it
Regenerate permissions
Use error log and log errors to /tmp/PHP_errors.log
Use empty() so we don't use it if it's defined but blank.
If available, also track the IP used by a user making a config change.
Correct pid filename so the instance of lighty for SSL is running.
Move interfaces_staticarp_configure() to interfaces.inc where it really belongs.
Instead of deleting arp entries, reconfigure static arp. For interfaces without static arp enabled, the net effect is the same (arp entries are already deleted as part of that function). Fixes #1628
Check if an item is an array before treating it as such in the upgrade code.
Put resolvconf generation first since gif tunnels can use hostanmes
Add recovery code for gif/gre the same as in interface_configure. This helps gif/gre tunnels. Needed for capr? Suggested-by: jim-p
Move apinger monitor reconfigure down after gif, since gif can add gateways.
Do not show the root interface queue on the queue list availble since it is not allowed to choose it. Ticket #636
Reconfigure gif so it picks up the new wan ip.
Add proper checks in auth code for testing if the section has been set in the config. Also do the same in the ugprade code
Add he.net tunnelbroker update dyndns type
Adding patch for pfearly hook from Andrew Thompson
Bail out of ipsec_get_phase1_dst if there is no remote gateway, else it falls into running resolve_retry() with invalid parameters causing a long delay in returning.
In upgrade code for server load balancing, set redirect_mode. Also in the backend code, assume redirect_mode as the default if it's not set.
send lighttpd a KILL in restart_webgui, once I've seen the former way result in a never ending stream of .... never killing it, and others have reported the same. a killall -9 sufficed in those instances to kill it, so this should resolve.
Fix off-by-one in OpenVPN "local" to "ipaddr" conversion.